Gentoo Linux developer Hanno Böck, who also writes for Golem and runs The Fuzzing Project as a software fuzzing initiative to find issues in software, presented today [5 February 2017] at FOSDEM 2017 over some Linux desktop security shortcomings and how Microsoft Windows 10 is arguably more secure out-of-the-box.

So Hanno Böck's argument for the Linux desktop being less secure than Windows being that the automatic indexing of files under Linux has "a lot of questionable quality parser code" and that there isn't this behavior on Windows by default, but that Windows users generally are running anti-virus software too. An exploit with Ubuntu's Apport bug reporting tool was also pointed out and that more must be done to improve the Linux desktop security.

What's this even supposed to mean?

I was at Hanno's talk (which was excellent btw) and I am under the impression that he carefully avoided giving a definite answer to the question in the title.
Yes, Antivirus software makes you less secure (news at 11).
Yes, running complex parsers on any content you encounter on the Internet is bad (not surprising either).

It appears from the link that the discussion was about GNOME and KDE rather than desktops in general or X11. Since both of these are trying to clone Windows via systemd, I'm not surprised. Is fluxbox as vulnerable?

@Tony0945: Empty words unless you bring up any part of Plasma-5 that depends on systemd.

You completely miss the point, the slides do not mention systemd one single time. Vulnerable libraries can affect every system; automatic indexing/parsing that depends on these libraries multiplies the attack surface. Plasma and Gnome are two widely used examples that use such indexing by default._________________backend.cpp:92:2: warning: #warning TODO - this error message is about as useful as a cooling unit in the arctic

The other weakest point in any operating system (doesn't matter if it's Mac, *nix, or windows) is going to be the human component. Passwords has always been, and for a long time will still be, the most common weak point. All of this is because we all are terrible on remembering passwords and have to use something to aid us to remember all of them.

I feel even better now for making it build-time optional and getting that upstreamed.

steveL wrote:

OTOH, admins have been using {m,}locate for decades now, without major issues to my knowledge.

Well, mlocate does not index metadata, that's the whole point of tracker and baloo._________________backend.cpp:92:2: warning: #warning TODO - this error message is about as useful as a cooling unit in the arctic